189 Open source projects that are alternatives of or similar to Burp Molly Pack

reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件

Utilities for creating Burp Suite Extensions.

Burp extension intended to compact Burp extension tabs by hijacking them to own tab.

Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).

CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef

BurpSuite收集：包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程，欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar

Automate security tests using Burp Suite.

Burp extension for automated handling of CSRF tokens

A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

Extension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).

Burp plugin to decrypt AES Encrypted traffic of mobile apps on the fly

Burp extension to passively scan for applications revealing software version numbers

SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.

The objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of information from the Burp Suite project as well as the flexible and dynamic on-the-fly modification of outgoing or incoming HTTP requests using Python scripts. Thus, Turbo Data Miner shall aid in gaining a better and fas…

HackBar plugin for Burpsuite

Burp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.

Burp Suite extension to passively scan for applications revealing server error messages

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

Unicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】

burpsuite extension for check and extract sensitive request parameter

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

Burp Extension that copies a request and builds a FFUF skeleton

burpsuite extension for extract information from data

Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

burpsuite extension for check unauthorized vulnerability

InQL - A Burp Extension for GraphQL Security Testing

Burp Suite plugin that dynamically generates Google 2FA codes for use in session handling rules (approved by PortSwigger for inclusion in their official BApp Store).

common methods that used by my burp extension projects

Piper Burp Suite Extender plugin

This Burp extension helps you to find usages of postMessage and recvMessage

A Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件

Automated HTTP Request Repeating With Burp Suite

burp验证码识别接口调用插件

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests

Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.

HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite

Burp Suite extension to discover apikeys/accesstokens and sensitive data from HTTP response.

Exporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

Safety checks your installed dependencies for known security vulnerabilities

基于BurpSuite的一款FOFA Pro 插件

Wazuh - Project documentation

一键生成Java代码的burp插件/Generate Java script for fuzzing in Burp。

Wazuh - Chef cookbooks

EternalView is an all in one basic information gathering and vulnerability assessment tool

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

🐞 Primitive Erlang Security Tool

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

An extensible application for penetration testers and software developers to decode/encode data into various formats.

Tool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Burp Bounty profiles compilation, feel free to contribute!

System Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems

The Correlated CVE Vulnerability And Threat Intelligence Database API